ABSTRACT
Many techniques for multicast authentication employ the principle of delayed key disclosure. These methods introduce delay in authentication, employ receiver-side buffers, and are susceptible to denial-of-service (DoS) attacks. Delayed key disclosure schemes have a binary concept of authentication and do not incorporate any notion of partial trust. This paper introduces staggered timed efficient stream loss-tolerant authentication (TESLA), a method for achieving multigrade authentication in multicast scenarios that reduces the delay needed to filter forged multicast packets and, consequently, mitigates the effects of DoS attacks. Staggered TESLA involves modifications to the popular multicast authentication scheme, TESLA, by incorporating the notion of multilevel trust through the use of multiple, staggered authentication keys in creating message authentication codes (MACs) for a multicast packet. We provide guidelines for determining the appropriate buffer size, and show that the use of multiple MACs and, hence, multiple grades of authentication, allows the receiver to flush forged packets quicker than in conventional TESLA. As a result, staggered TESLA provides an advantage against DoS attacks compared to conventional TESLA. We then examine two new strategies for reducing the time needed for complete authentication. In the first strategy, the multicast source uses assurance of the trustworthiness of entities in a neighborhood of the source, in conjunction with the multigrade authentication provided by staggered TESLA. The second strategy achieves reduced delay by introducing additional key distributors in the network.
TABLE OF CONTENTS
TITLE PAGE
CERTIFICATION
DEDICATION
ACKNOWLEDGEMENT
ABSTRACT
TABLE OF CONTENTS
CHAPTER ONE
INTRODUCTION
1.1BACKGROUND OF THE STUDY
1.2STATE OF THE PROBLEM
1.3PURPOSE OF THE STUDY
1.4AIMS AND OBJECTIVES
1.5SCOPE OF STUDY
1.6LIMITATIONS OF STUDY
1.7ASSUMPTIONS
1.8DEFINITION OF TERMS
CHAPTER TWO
LITERATURE REVIEW
CHAPTER THREE
3.1DESCRIPTION AND ANALYSIS OF EXISTING SYSTEM
3.2FACT FINDING METHOD USED
3.3ORGANIZATION STRUCTURE
3.4OBJECTIVES OF EXISTING SYSTEM
3.5INPUT, PROCESS AND OUTPUT ANALYSIS
3.6INFORMATION FLOW DIAGRAMS
3.7PROBLEMS OF THE EXISTING SYSTEM
3.8JUSTIFICATION OF THE NEW SYSTEM
CHAPTER FOUR
4.1DESIGN OF THE NEW SYSTEM
4.2INPUT SPECIFICATION AND DESIGN
4.3OUTPUT SPECIFICATION AND DESIGN
4.4FILE DESIGN
4.5PROCEDURE CHART
4.6SYSTEM FLOW CHART
4.6.1 SYSTEM REQUIREMENTS
4.7IMPLEMENTATION
4.7.1PROGRAM DESIGN
4.7.2PROGRAM FLOWCHART
4.7.3PSEUDO CODE
4.7.4SOURCE PROGRAM: TEST RUN
CHAPTER FIVE
5.0DOCUMENTATION
5.1RECOMMENDATION
5.2CONCLUSION
BIBLIOGRAPHY